itsassets.ornl.gov
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:dd:51:19:42:a1:b4:9b:a9:d5:4b:74:c9:1b:60:22:a9:66 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=itsassets.ornl.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:dd:51:19:42:a1:b4:9b:a9:d5:4b:74:c9:1b:60:22:a9:66Serial Number (int): 423759345443099092061388525884253795428710
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d3:56:0f:66:0f:46:9c:1c:a2:9b:69:89:fb:53:e8:13:6a:8f:b0:df
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 83:d1:7d:f6:4f:ed:8e:9b:1f:69:0c:0f:f5:f1:e9:bf:36:70:7d:66
Fingerprint (sha256): 02:f5:b9:58:a2:1a:a9:72:7d:51:35:6f:b4:f1:21:19:fd:f1:2e:2e:c6:63:b2:a6:18:23:ca:31:a8:3b:2a:be
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate itsassets.ornl.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for itsassets.ornl.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
itsassets.ornl.gov
www.itsassets.its.dot.gov
www.itsassets.its.dot.gov
Other certificates including the domain name ornl.gov
(limited to 100 certificates)
5098030885765120-fe4.pantheonsite.io
internal.webmap.ornl.gov
radware.phy.ornl.gov
www.arm.gov
jenkins.ccs.ornl.gov
ccms-cdash.ornl.gov
cades.ornl.gov
Recruiting-tst-internal.ornl.gov
armweb0-stgcms.ornl.gov
5098030885765120-fe4.pantheonsite.io
5098030885765120-fe4.pantheonsite.io
itsdpro.ornl.gov
ornlsurv02.ornl.gov
radware.phy.ornl.gov
eber.ed.ornl.gov
vpnprod3.ornl.gov
fsnutown.phy.ornl.gov
its2010.ornl.gov
Recruiting-eq2.ornl.gov
LYNCPOOL01.ORNL.GOV
tech-showcase.ornl.gov
sldtransfer.ornl.gov
visitors.ornl.gov
orca.phy.ornl.gov
5664512065667072-fe2.pantheonsite.io
savitar.ornl.gov
cades.ornl.gov
www.isotopes.gov
5721718521856000-fe2.pantheonsite.io
its2010.ornl.gov
infoviz.ornl.gov
tokens.ornl.gov
sapsys-qas.ornl.gov
cyber-wb.ornl.gov
fusion-neutronics.ornl.gov
5664512065667072-fe2.pantheonsite.io
5664512065667072-fe2.pantheonsite.io
geoai.ornl.gov
cem.ornl.gov
thredds.daac.ornl.gov
devintidp.ornl.gov
5721718521856000-fe2.pantheonsite.io
devaprsweb01.ornl.gov
ftp.ornl.gov
inspirebridge.ornl.gov
web.ornl.gov
api.granite.ccs.ornl.gov
smcdatachallenge.ornl.gov
home.rrd.ornl.gov
itsassets.ornl.gov
trac.ornl.gov
cdiacservices.ornl.gov
www.isotopes.gov
itsassets.ornl.gov
saponbase.ornl.gov
itsdeployment.ornl.gov
bptechday.ornl.gov
isotopes.phy.ornl.gov
g2mobiletest.ornl.gov
udi.ornl.gov
fegtest.ornl.gov
itsassets.ornl.gov
cem.ornl.gov
swc.ornl.gov
ornlaccess.ornl.gov
ornl.gov
LYNCACCESS.ORNL.GOV
g2photosstg.ornl.gov
savitar.ornl.gov
vera.ornl.gov
thredds.daac.ornl.gov
www.olcf.ornl.gov
asc2019.ornl.gov
ready.ornl.gov
sos23.ornl.gov
LYNCPOOL01.ORNL.GOV
innovationcrossroads.ornl.gov
geoai.ornl.gov
bboxaccess.ornl.gov
5631383682678784-fe4.pantheonsite.io
na21dev2.ornl.gov
armftp.ornl.gov
5736126123868160-fe4.pantheonsite.io
web.ornl.gov
pdt.ornl.gov
prod-web4.adc.arm.gov
5713320610889728-fe3.pantheonsite.io
itsdpro.ornl.gov
healthdata.ornl.gov
web.ornl.gov
RSC.ornl.gov
faf.ornl.gov
docs.excl.ornl.gov
apps.ornl.gov
dtrack2013.ornl.gov
pdt.ornl.gov
cloud.cees.ornl.gov
excl.ornl.gov
finder.extapps.ornl.gov
5631383682678784-fe4.pantheonsite.io
internal.webmap.ornl.gov
radware.phy.ornl.gov
www.arm.gov
jenkins.ccs.ornl.gov
ccms-cdash.ornl.gov
cades.ornl.gov
Recruiting-tst-internal.ornl.gov
armweb0-stgcms.ornl.gov
5098030885765120-fe4.pantheonsite.io
5098030885765120-fe4.pantheonsite.io
itsdpro.ornl.gov
ornlsurv02.ornl.gov
radware.phy.ornl.gov
eber.ed.ornl.gov
vpnprod3.ornl.gov
fsnutown.phy.ornl.gov
its2010.ornl.gov
Recruiting-eq2.ornl.gov
LYNCPOOL01.ORNL.GOV
tech-showcase.ornl.gov
sldtransfer.ornl.gov
visitors.ornl.gov
orca.phy.ornl.gov
5664512065667072-fe2.pantheonsite.io
savitar.ornl.gov
cades.ornl.gov
www.isotopes.gov
5721718521856000-fe2.pantheonsite.io
its2010.ornl.gov
infoviz.ornl.gov
tokens.ornl.gov
sapsys-qas.ornl.gov
cyber-wb.ornl.gov
fusion-neutronics.ornl.gov
5664512065667072-fe2.pantheonsite.io
5664512065667072-fe2.pantheonsite.io
geoai.ornl.gov
cem.ornl.gov
thredds.daac.ornl.gov
devintidp.ornl.gov
5721718521856000-fe2.pantheonsite.io
devaprsweb01.ornl.gov
ftp.ornl.gov
inspirebridge.ornl.gov
web.ornl.gov
api.granite.ccs.ornl.gov
smcdatachallenge.ornl.gov
home.rrd.ornl.gov
itsassets.ornl.gov
trac.ornl.gov
cdiacservices.ornl.gov
www.isotopes.gov
itsassets.ornl.gov
saponbase.ornl.gov
itsdeployment.ornl.gov
bptechday.ornl.gov
isotopes.phy.ornl.gov
g2mobiletest.ornl.gov
udi.ornl.gov
fegtest.ornl.gov
itsassets.ornl.gov
cem.ornl.gov
swc.ornl.gov
ornlaccess.ornl.gov
ornl.gov
LYNCACCESS.ORNL.GOV
g2photosstg.ornl.gov
savitar.ornl.gov
vera.ornl.gov
thredds.daac.ornl.gov
www.olcf.ornl.gov
asc2019.ornl.gov
ready.ornl.gov
sos23.ornl.gov
LYNCPOOL01.ORNL.GOV
innovationcrossroads.ornl.gov
geoai.ornl.gov
bboxaccess.ornl.gov
5631383682678784-fe4.pantheonsite.io
na21dev2.ornl.gov
armftp.ornl.gov
5736126123868160-fe4.pantheonsite.io
web.ornl.gov
pdt.ornl.gov
prod-web4.adc.arm.gov
5713320610889728-fe3.pantheonsite.io
itsdpro.ornl.gov
healthdata.ornl.gov
web.ornl.gov
RSC.ornl.gov
faf.ornl.gov
docs.excl.ornl.gov
apps.ornl.gov
dtrack2013.ornl.gov
pdt.ornl.gov
cloud.cees.ornl.gov
excl.ornl.gov
finder.extapps.ornl.gov
5631383682678784-fe4.pantheonsite.io
Certificate
The complete raw certificate details for itsassets.ornl.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgISBN1RGUKhtJup1Ut0yRtgIqlmMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMjIxNDU2MjhaFw0y MDAyMjAxNDU2MjhaMB0xGzAZBgNVBAMTEml0c2Fzc2V0cy5vcm5sLmdvdjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJCQLAEq9JcmxxYlbbO2cmtG/zTi +auP6lNtul6ulK1gp63kPxDnz4K6x6zeqC+onEOMwoUsPgWc8MuAUSG45pcJFYNs sojqAvHFsI1jrNRkam8DPOJDTZQbZB9Gh8OjB4OQWg/F7yp+LDzhxUDHIzrZXDTZ nRbkUErPOCaScCe8MLVabiEEFLqbX0Ey6AgS9U2DJ7cGXSOBV3JR9ZV+oG2ZrHqO SXqjgbbZnSXGavG61b5dfRhvd6jmgpghCCG0MtGDHjUJb/ce7z738kxo/qa3GYUS 72hsuhbLjSrGnrkQzbePadjYrLwpdrEUcdzFEr9I5BYdL8Uw8NlEu9CwG3MCAwEA AaOCAoEwggJ9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU01YPZg9GnByim2mJ+1Po E2qPsN8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5 cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5 cHQub3JnLzA4BgNVHREEMTAvghJpdHNhc3NldHMub3JubC5nb3aCGXd3dy5pdHNh c3NldHMuaXRzLmRvdC5nb3YwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC 3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLB ACkGjbIImjfZEwAAAW6T1DZ9AAAEAwBGMEQCIEhgDEeoFwSRVg0J0pQpj97vvPPS tX9+EWDZLxBWNaPbAiBRlcKBUeFfoZ1zybA6Uq1kXFl+3CbWfJjQMMbpMarzDQB2 AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABbpPUNn4AAAQDAEcw RQIgKkxX+T1ya3HYCLt3sYflpE8jfjiZSP0nmNbe+ytTfTMCIQCfGWFqiJT3h5mL T1Mb79EvMVbn8j+mOCjf2NwHKm4sYjANBgkqhkiG9w0BAQsFAAOCAQEATLyEDeFJ i7fu/i8gk6kaHPq/IWAZ0KQ7EHxNa9f5t8VUWz4Ufja5sXc0FjqkUqEb785qOvyQ 0dy6ejxoZcNmFW0d+osvWIoiQrlNdnqjTmaOEUJFpNd91D7XIDQ/+bobf9n3xYf2 woyFtiN0ROs7ce1M9CCe0lNZcS1tW6YcTctWDoTvAFN0KcJuUt0ILUJSNtip2lqX Mqt2XADHGd1prT3JrMKsL7VKBIdfLfVtGc2va33mT9VWFiJjGY+wUPVxuKNinoRv tLhDoVpqg+ymMwGZ4ZFpARWvQHKMNZBjR/gdqQm8H5xSxM31YPIYf3loZgmnXzLA jauw4SU7rJujNg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJAsASr0lybHFiVts7Zy a0b/NOL5q4/qU226Xq6UrWCnreQ/EOfPgrrHrN6oL6icQ4zChSw+BZzwy4BRIbjm lwkVg2yyiOoC8cWwjWOs1GRqbwM84kNNlBtkH0aHw6MHg5BaD8XvKn4sPOHFQMcj OtlcNNmdFuRQSs84JpJwJ7wwtVpuIQQUuptfQTLoCBL1TYMntwZdI4FXclH1lX6g bZmseo5JeqOBttmdJcZq8brVvl19GG93qOaCmCEIIbQy0YMeNQlv9x7vPvfyTGj+ prcZhRLvaGy6FsuNKsaeuRDNt49p2NisvCl2sRRx3MUSv0jkFh0vxTDw2US70LAb cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 423759345443099092061388525884253795428710 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-22 14:56:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-20 14:56:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'itsassets.ornl.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18249409725164142932385978332077962026115916003936407575858961074066174117179806477707313826446722027251095113741878630249895250585901415491063476040468560180180128169524798714390309231304013915269206670966802043582856192050384829552130757638207535703316166860270742282746359619794851162796219992328701116827574073566296785002030939349478056758381274031553432570125523269514647974950321352787248169067317024674904322361913645248926435254014208639532309302671548673432486024918471684251835824463888598182840236113686925711874211036509328259387438556788987965498845834919511808649385851868897700612705053534909700774771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d3560f660f469c1ca29b6989fb53e8136a8fb0df . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itsassets.ornl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.itsassets.its.dot.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016e93d4367d0000040300463044022048600c47a8170491560d09d294298fdeefbcf3d2b57f7e1160d92f105635a3db02205195c28151e15fa19d73c9b03a52ad645c597edc26d67c98d030c6e931aaf30d00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e93d4367e000004030047304502202a4c57f93d726b71d808bb77b187e5a44f237e389948fd2798d6defb2b537d330221009f19616a8894f787998b4f531befd12f3156e7f23fa63828dfd8dc072a6e2c62 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004cbc840de1498bb7eefe2f2093a91a1cfabf216019d0a43b107c4d6bd7f9b7c5545b3e147e36b9b17734163aa452a11befce6a3afc90d1dcba7a3c6865c366156d1dfa8b2f588a2242b94d767aa34e668e114245a4d77dd43ed720343ff9ba1b7fd9f7c587f6c28c85b6237444eb3b71ed4cf4209ed25359712d6d5ba61c4dcb560e84ef00537429c26e52dd082d425236d8a9da5a9732ab765c00c719dd69ad3dc9acc2ac2fb54a04875f2df56d19cdaf6b7de64fd556162263198fb050f571b8a3629e846fb4b843a15a6a83eca6330199e191690115af40728c35906347f81da909bc1f9c52c4cdf560f2187f79686609a75f32c08dabb0e1253bac9ba336